Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-0053

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-0053
Last Modified 10 Sep 2008 03:34:50
Published 02 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-0053

Summary

Internet Explorer 5.01, 5.5, and 6 allows remote attackers to execute arbitrary code via drag and drop events, aka the "Drag-and-Drop Vulnerability."

Vulnerable Systems

Operating System

  • Microsoft Windows 2000

  • Microsoft Windows 2003 Server Enterprise

  • Microsoft Windows 2003 Server Enterprise 64-bit

  • Microsoft Windows 2003 Server R2

  • Microsoft Windows 2003 Server Standard

  • Microsoft Windows 2003 Server Web

  • Microsoft Windows 98

  • Microsoft Windows 98se

  • Microsoft Windows Me

  • Microsoft Windows Xp

Application

  • Microsoft Ie 5.0.1

  • Microsoft Ie 5.5

  • Microsoft Ie 6.0


References

CERT - TA05-039A

CERT-VN - VU#698835

XF - ie-dragdrop-gain-privileges(19117)

BID - 11466

MS - MS05-014

MS - MS05-008


Last Updated: 27 May 2016 10:39:38